Even organizations with cybersecurity measures in place are being affected by cyberattacks. Critical infrastructure, healthcare, and state & local government agencies have been frequent targets for attackers. An attack on any organization can impact far more than just customers and employees. As the cybersecurity community, how can we recommend improvements that can minimize the impact and frequency of these attacks?
Recently, tech giants, Microsoft and Google are pledging $30 billion to advance cybersecurity over the next 5 years. Other tech giants are also making pledges to improve and modernize cybersecurity. Apple has announced that it will push for mass adoption of essential cybersecurity tools such as multi-factor authentication (MFA), security training, event logging, and vulnerability remediation. Amazon also intends to make MFA more available, pledging to make it available to all AWS account holders at no extra cost. These initiatives, depending on how they unfold, can be a step forward in improving cybersecurity at large. Still, other than tech giants investing money in security more must be done to improve the impact and frequency of cyberattacks on critical organizations.
Cybersecurity Skills Gap
The demand for cybersecurity professionals is growing at a more exponential rate than the number of professionals with required cybersecurity skills. According to CSO Online, 57% of respondents believe their organization to be impacted by the cybersecurity skills shortage. Without appropriate skills and staffing, organizations can develop gaps in their cybersecurity environment and therefore become more vulnerable to cybersecurity attacks. In a recent white house press release, Girls Who Code, University of Texas System, and Whatcom Community College announced programs to increase the availability of cybersecurity education with the intention of expanding the cybersecurity workforce.
The White House
The Biden Administration has made several initiatives following his initial executive order on improving the nation’s cybersecurity. He has recently announced that the National Institute of Standards and Technology (NIST) will work to develop a new framework for the security of the technology supply chain. This will become a guideline for building secure technology. He has also announced the expansion of the Industrial Control Systems Cybersecurity Initiative to include natural gas pipelines. Cyber insurance providers, Resilience and Coalition agreed to require policyholders to meet a certain threshold of security in order to receive coverage. This threshold of security could include cybersecurity risk assessments and continuous monitoring platforms.
How We Can Help
Many of these recommendations from the white house and by big tech include implementing critical solutions and assessments. Aurora can help your organization implement multi-factor authentication, cybersecurity risk assessments, vulnerability management programs, and more to improve your cybersecurity posture.